I'm starting to learn Spring Security
and I'm having some doubts. I used to authenticate users using phaseListener
. I have the User MB where its scope is @SessionScoped
. How can I pass this user and configure it in this xml:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http pattern="/javax.faces.resource/**" security="none" />
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/Home.xhtml" access="isAuthenticated()" />
<intercept-url pattern="/suspensao/SuspensaoBegin.xhtml*" access="hasAnyRole('INICIO', 'ADMINISTRADORES')" />
<intercept-url pattern="/suspensao/SuspensaoMiddle.xhtml" access="hasAnyRole('MEIO', 'ADMINISTRADORES')" />
<intercept-url pattern="/suspensao/SuspensaoEnd.xhtml" access="hasAnyRole('FIM', 'ADMINISTRADORES')" />
<intercept-url pattern="/**" access="denyAll" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="Diego" password="123" authorities="INICIO" />
<user name="Joaquim" password="321" authorities="ADMINISTRADORES" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
In short, I would like to move users dynamically so that I can login and authenticate.